(2016-10-16) Azure AD PowerShell v2.0 CMDlets Are In Public Preview

Since a few days the new Azure AD PowerShell v2.0 CMDlets are in public preview!

–

Eventually the new Azure AD CMDlets will replace the existing MSOLINE CMDlets. So, if you have tasks, scripts, whatever running that use the old CMDlets, make sure to start transitioning to the new CMDlets! Did you know you require at least PowerShell v5.0 to use this new PowerShell module? Well, you do know and you can get PowerShell v5.0 from here!

One of the key features of the new module is a close alignment of the PowerShell functionality with the Graph API capabilities. We are also moving towards a faster and more agile release process for new or updated functionality of these CMDlets. The new PowerShell CMDlets already provide more functionality in several areas, most notably for Modern Authentication and MFA (nice!), and includes new management capabilities for Applications and Certificate Authority through PowerShell. For a full list of all available CMDlets and how to use them, see the Azure AD PowerShell reference documentation.

The PowerShell module has changed from MSONLINE to AZUREADPREVIEW. With GA, probably it will be called AZUREAD. The part in the noun of the PowerShell CMDlet has changed from MSOL to AzureAD. So where e.g. an existing cmdlet was named “New-MSOLUser”, which adds a new user to the directory, the new cmdlet’s name is “New-AzureADUser. The parameters for the new CMDlets sometimes changed as well. As CMDlets are in close alignment with the Graph API functionality, the names of objects and parameters are as close as possible to what is used in Graph API. An overview of Azure AD Graph API functionality can be found here: Getting started with Graph API

–

New functionality in Azure AD PowerShell

Using the -SearchString parameter. This parameter allows you to search for data in your directory based on a matching string value. The SearchString search scope for users currently covers the attributes “City”, “Country”, “Department”, “DisplayName”, “JobTitle”, “Mail”, “mailNickName”, “State”, and “UserPrincipalName. This is similar to an ANR (Ambigious Name Resolution) Search in ADDS.

Managing Token Lifetime policy settings. You can now manage Token Lifetime settings in your directory and that will support operations on Policy, ServicePrincipalPolicy and PolicyAppliedObject objects. More information and examples for this functionality can be found here.

Managing Certificate Authority using Powershell for Azure AD. New CMDlets have been made available. For that see this

Managing Applications, Application Extension Properties, Application Owners and Application Key Credentials in Azure AD using PowerShell. New CMDlets have been made available. For that see this